A vSphere administrator manages a cluster which includes critical and non-critical virtual machines. The cluster
requires different permissions for contractors and non-contractors.
How can the administrator exclude the contractor group from some of the critical VMs?
A.
Apply permission for both contractors and non-contractors on the cluster level.
B.
Apply permission for both contractors and non-contractors on the cluster level. Remove permission on the
critical VMs for contractors.
C.
Remove permission for contractors on the cluster level. Apply permission on the critical VMs for noncontractors.
D.
Apply permission for both contractors and non-contractors on the VMs. Remove permission on the critical
VMs for contractors.
Isn’t it B, as it says that both contractors and non-contractors manage the cluster and what they need is exclusion from the critical VMs?
Explanation: https://docs.vmware.com/en/VMware-vSphere/6.5/com.vmware.vsphere.security.doc/GUID-9E7486ED-7ABF-46F7-B450-1A8ABD313CD8.html
1
0
Actually – not B.
Only D will work from the given options.
The correct solution would be
– Add “Administrator” or whatever role for contractors and non-contractors on cluster level
– Change role to “No access” on critical VMs
You cannot remove permission which is inherited from parent object.
Anyway, the question itself, again, is a bit vague; what is meant by “apply permission”…???
0
0
I meant change role for contractors…
0
0
I considered the “apply permission” as the configuration inside the role (which are defined as permissions), so you would add a permission on the cluster level role (applying an admin role as an example) and a no access role, thereby taking off the permissions, on VM lvl (as you explained in your reply) – that’s why I suppose B is the correct one.
1
0
Answer is B.
2
0
I agree with B being the correct answer. By adding a more restrictive permission to Contractors on the VM level you are effectively “removing permissions” that were assigned at a higher level in vCenter.
For D to be correct, I would remove the following:
“Remove permission on the critical VMs for contractors”
Since you are applying permissions on the VM level, you would only give Contractors access to the VMs they need. What’s more, why would you apply permissions on the VM level when doing that on the cluster level is a much simpler solution, still achieving the requirement?
0
0
B
1
0
Besides, part of new 125Q 2V0-622PSE dumps are available here:
https://drive.google.com/open?id=0B-ob6L_QjGLpaXhnQWQ4S2Ffc1k
Best Regards!
1
0